<?php
/*
 * 进云智能生成平台
 * [JINYUN!] (C)2001-2099 Jinyunweb.com
 * This is NOT a freeware, use is subject to license terms
 * $Id: 2017-12-13 03:39:35 apple $
 * 小程序端，小程序端不会自动发送cookie，需要手动发送sessionID，此处访问首页，成功则返回sessionID，失败则返回0
*/
defined('BY_JYA') or exit('error');
$_RQ['op']=$_RQ['op']?$_RQ['op']:'login';
if(!$_SESSION['appgid']){
	exit('没有小程序站点！');
}
$wxapp=pdo_get('core_account_wxapp',array('id'=>$_SESSION['appgid'],'uniacid'=>$_SESSION['uniacid']));
if(!$wxapp){
	exit('指定小程序不存在！');
}
if($_RQ['op']=='login'){
	if(!$_SESSION['session_key']){
		if($_RQ['code']){
			//如果有code，根据code获取粉丝openid
			$url='https://api.weixin.qq.com/sns/jscode2session?appid='.$wxapp['appid'].'&secret='.$wxapp['appsecret'].'&js_code='.$_RQ['code'].'&grant_type=authorization_code';
			$result=cfc('http')->ihttp_get($url);
			if(is_error($result)){
				exit('获取粉丝信息失败：'.$result['message']);
			}
			$result=json_decode($result['content'],true);
			if($result['errcode']){
				$return=array('type'=>'error','message'=>$result['errcode'].'-'.$result['errmsg']);
			}else{
				$return=array('openid'=>$result['openid'],'session_key'=>$result['session_key'],'token'=>$_SESSION['token']);
			}
		}else{
			
		}
		exi($return);
	}else{
		$return=array('openid'=>$_SESSION['openid'],'session_key'=>$_SESSION['session_key'],'token'=>$_SESSION['token']);
		exi($return);
	}
	
}
if($_RQ['op']=='auth'){
	$encrypt_data = $_RQ['encryptedData'];
	$iv = $_RQ['iv'];
	$rawData = $_RQ['rawData'];
	$signature = $_RQ['signature'];
	if($_RQ['session_key']){
		$_SESSION['session_key'] = $_RQ['session_key'];
	}
	if (empty($_SESSION['session_key']) || empty($encrypt_data) || empty($iv)) {
		exi('请先登录!','error');
	}
	$data = $rawData.$_SESSION['session_key'];
	$sign = sha1($data);
	if ($sign !== $signature) {
		exi($sign.'签名错误(userinfo)'.$signature,'error');
	}
	$pc = cfc('wxapp');
	$pc->WXBizDataCrypt($wxapp['appid'], $_SESSION['session_key']);
	$userinfo = $pc->pkcs7Encode($encrypt_data, $iv);
	$userinfo['nickname'] = $userinfo['nickName'];
	$_SESSION['userinfo'] = base64_encode(serialize($userinfo));
	if($userinfo['openId']){
		$fans = cfc('core')->get_fans($userinfo['openId']);
	}else{
		exi('openid获取失败！'.$userinfo,'error');
	}
	$fans_update = array(
		'unionid' => $userinfo['unionId'],
		'openid' => $userinfo['openId'],
		'nickname' => $userinfo['nickName'],
		'sex' => $userinfo['gender'],
		'pcd' => $userinfo['pcd'],
		'avatar' => $userinfo['avatarUrl'],
	);
	if (!empty($userinfo['unionId'])) {
		$union_fans = pdo_get('core_fans', array('uniacid'=>$_SESSION['uniacid'],'unionid' => $userinfo['unionId'], 'openid !=' => $userinfo['openId']));
		if (!empty($union_fans['mid'])) {
			if (!empty($fans['mid'])) {
				pdo_delete('core_members', array('id' => $fans['mid']));
			}
			$fans_update['mid'] = $union_fans['mid'];
			$_SESSION['uid'] = $union_fans['mid'];
		}
	}
	pdo_update('core_fans', $fans_update, array('id' => $fans['id']));
	pdo_update('core_members', array('nickname' => $userinfo['nickName'], 'avatar' => $userinfo['avatarUrl']), array('id' => $fans['mid']));
	$member = cfc('core')->get_member($fans['mid']);
	$member['openid'] = $userinfo['openId'];
	unset($member['password']);
	unset($member['salt']);
	exi($member);
}
if($_RQ['op']=='check'){
	$openid = trim($_RQ['openid']);
	if (empty($openid)) {
		exi('openid获取失败！','error');
	}
	$fansinfo = cfc('core')->getfans($openid);
	if (empty($fansinfo)) {
			$fansdata = array('uniacid' => $_W['uniacid'], 'mid' => 0, 'openid' => $openid, 'createtime' => time());
			pdo_insert('core_fans', $fansdata);
			$member['id'] = pdo_insertid();
	}
	$return=array('openid' => $openid, 'nickname' => $fansinfo['nickname'], 'avatarUrl' => tomedia($fansinfo['avatar']));
	exi($return);
}